CVE-2017-12617, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617, the vulnerability affects only if:

  1. Tomcat is configured in readonly=false mode. This requires a specific setting in conf/web.xml to be set, which Ubisecure SSO does not do.
  2. WebDAV servlet is used and is configured in readonly=false mode. Ubisecure SSO doesn’t use WebDAV servlet.”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>